Legal claims defining the scope of protection, as filed with the USPTO.
1. An apparatus, comprising: a removable secure execution module arranged to connect with a computing platform for a wireless mobile device, the removable secure execution module having a processing system to execute a security control module operative to communicate with a security server over a wireless channel on a periodic basis to obtain a security status for the wireless mobile device, and output control directives to control operations for one or more components of the computing platform based on the security status, the security control module comprising a security provisioning module operative to provision the computing platform with a security monitor module when the removable secure execution module is first connected to the computing platform, and bind the removable secure execution module to the computing platform and the security monitor module provisioned on the computing platform.
2. The apparatus of claim 1 , the removable secure execution module comprising a smart card, a subscriber identity module card, a universal integrated circuit card, or a removable user identity module card.
3. The apparatus of claim 1 , the removable secure execution module comprising a wireless service module arranged to control an international mobile subscriber identity for an operator of the wireless mobile device and an integrated circuit card identifier.
4. The apparatus of claim 1 , the computing platform having a processing system to execute the security monitor module, the security monitor module operative to receive control directives from the security control module, and control operations for one or more components of the computing platform based on the control directives.
5. The apparatus of claim 1 , the security control module comprising a security services module and a first security timer, the security services module operative to send a security timer update signal to the security server, determine whether a first security timer reset signal is received from the security server before the first security timer expires, and send a second security timer reset signal to a security agent for the security monitor module to reset a second security timer for the security monitor module when the first security timer reset signal is received before the first security timer expires.
6. The apparatus of claim 1 , the security control module comprising a security services module and a security timer, the security services module operative to send a security timer update signal to the security server, determine whether a security timer reset signal is received from the security server before the security timer expires, and send a disable signal to a security agent for the security monitor module to disable operations for one or more components of the computing platform when the security timer reset signal is not received before the security timer expires.
7. The apparatus of claim 1 , the security control module comprising a security services module and a security timer, the security services module operative to send a security timer update signal to the security server, determine whether a security timer reset signal is received from the security server before the security timer expires, and send an enable signal to a security agent for the security monitor module to enable previously disabled operations for one or more components of the computing platform when the security timer reset signal is received before the security timer expires.
8. The apparatus of claim 1 , the security control module comprising a security services module operative to receive a first disable signal from the security server, and send a second disable signal to a security agent for the security monitor module to disable operations for one or more components of the computing platform.
9. The apparatus of claim 1 , the security monitor module comprising a security agent and a security timer, the security agent operative to disable operations for one or more components of the computing platform when the security timer expires, when the security agent detects the removable secure execution module is disconnected from the computing platform, or when the security agent receives a disable signal from the security control module.
10. The apparatus of claim 1 , the wireless mobile device comprising a digital display and a wireless transceiver.
11. A method, comprising: receiving a security status from a security server by a security control module arranged for execution by a first processing system of a removable secure execution module when the removable secure execution module is connected to a computing platform; sending control directives to a security monitor module arranged for execution by a second processing system of the computing platform, the control directives to control operations for one or more components of the computing platform based on the security status; controlling operations for one or more components of the computing platform based on the control directives received from the security control module; provisioning the computing platform with a security monitor module when the removable secure execution module is first connected to the computing platform; and binding the removable secure execution module to the computing platform and the security monitor module provisioned on the computing platform.
12. The method of claim 11 , comprising disabling operations for one or more components of the computing platform when a security timer expires.
13. The method of claim 11 , comprising disabling operations for one or more components of the computing platform when the removable secure execution module is disconnected from the computing platform.
14. The method of claim 11 , comprising disabling operations for one or more components of the computing platform when the security monitor module receives a disable signal from the security control module.
15. The method of claim 11 , comprising querying the removable secure execution module for a security state before starting an operating system for the computing platform.
16. An article comprising a non-transitory storage medium containing instructions that when executed by a processor enable a system to: receive a first set of control directives from a security server by a security control module arranged for execution by a first processing system of a removable secure execution module when the removable secure execution module is connected to a computing platform; send a second set of control directives to a security monitor module arranged for execution by a second processing system of the computing platform, the second set of control directives to control operations for one or more components of the computing platform; provision the computing platform with the security monitor module when the removable secure execution module is first connected to the computing platform; and bind the removable secure execution module to the computing platform and the security monitor module provisioned on the computing platform.
17. The article of claim 16 , comprising instructions that when executed by a processor enable the system to disable operations for one or more components of the computing platform when a security timer expires, when the removable secure execution module is disconnected from the computing platform, or when the security monitor module receives a disable signal from the security control module.
Unknown
January 1, 2013
Browse 5M+ US patents with plain-English claim translations and AI-generated analysis.